aboutsummaryrefslogtreecommitdiffstats
path: root/bin/snmptrapd.py
diff options
context:
space:
mode:
authorLadue, David (dl3158) <dl3158@att.com>2018-03-14 14:01:36 -0400
committerLadue, David (dl3158) <dl3158@att.com>2018-03-18 02:42:23 -0400
commitabb283c5a3b72eb2d91e6adb4eda68184f040f35 (patch)
tree4765c8d6cb54a2ddb2052c0955425604bc265230 /bin/snmptrapd.py
parenta6f91efda578965710630154b173cf1ee9b64727 (diff)
copyright and controller ENV changes
Change-Id: Ic12aa439a03f19c7a06a536368a8d2a1f26855aa Issue-ID: DCAEGEN2-271 Signed-off-by: Ladue, David (dl3158) <dl3158@att.com>
Diffstat (limited to 'bin/snmptrapd.py')
-rw-r--r--bin/snmptrapd.py766
1 files changed, 766 insertions, 0 deletions
diff --git a/bin/snmptrapd.py b/bin/snmptrapd.py
new file mode 100644
index 0000000..dde4e39
--- /dev/null
+++ b/bin/snmptrapd.py
@@ -0,0 +1,766 @@
+# ============LICENSE_START=======================================================)
+# org.onap.dcae
+# ================================================================================
+# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+"""
+dcae_snmptrapd is responsible for SNMP trap receipt and publishing activities.
+It's behavior is controlled by CBS (config binding service) using a
+JSON construct obtained via a "get_config" call or (for testing/standalone
+purposes) a file specified using the env variable "CBS_SIM_JSON".
+
+As traps arrive they are decomposed and transformed into a JSON message which
+is published to a dmaap instance that has been defined by controller.
+
+:Parameters:
+ usage: snmptrapd.py [-v]
+:Keywords:
+ onap dcae snmp trap publish dmaap
+"""
+
+__docformat__ = 'restructuredtext'
+
+# basics
+import argparse
+import array
+import asyncio
+from collections import Counter
+import datetime
+import errno
+import inspect
+import json
+import logging
+import logging.handlers
+import os
+import pprint
+import requests
+import re
+import sys
+import signal
+import string
+import socket
+import time
+import traceback
+import unicodedata
+import uuid as uuid_mod
+
+# pysnmp
+from pysnmp.entity import engine, config
+from pysnmp.carrier.asyncio.dgram import udp, udp6
+# from pysnmp.carrier.asyncore.dgram import udp
+from pysnmp.entity.rfc3413 import ntfrcv
+from pysnmp.proto.api import v2c
+
+# dcae_snmptrap
+import trapd_settings as tds
+from trapd_runtime_pid import save_pid, rm_pid
+from trapd_get_cbs_config import get_cbs_config
+from trapd_exit import cleanup_and_exit
+from trapd_http_session import init_session_obj
+
+from trapd_file_utils import roll_all_logs, open_eelf_logs, roll_file, open_file, close_file
+from trapd_logging import ecomp_logger, stdout_logger
+
+prog_name = os.path.basename(__file__)
+verbose = False
+
+# # # # # # # # # # #
+# fx: usage_err
+# # # # # # # # # # #
+
+
+def usage_err():
+ """
+ Notify of incorrect (argument) usage
+ :Parameters:
+ none
+ :Exceptions:
+ none
+ :Keywords:
+ usage args
+ """
+
+ print('Incorrect usage invoked. Correct usage:')
+ print(' %s [-v]' % prog_name)
+ cleanup_and_exit(1, "undefined")
+
+
+# # # # # # # # # # # # # # # # # # #
+# fx: load_all_configs
+# # # # # # # # # # ## # # # # # # #
+
+
+def load_all_configs(_signum, _frame):
+ """
+ Calls individual functions to read various config files required. This
+ function is called directly (e.g. at startup) and is also registered
+ with signal handling (e.g. kill -sigusr1 <pid>)
+
+ :Parameters:
+ signum and frame (only present when called via signal to running process)
+ :Exceptions:
+ none
+ :Keywords:
+ config files
+ :Variables:
+ yaml_conf_file
+ rs
+ """
+
+ if int(_signum) != 0:
+ msg = ("received signal %s at frame %s; re-reading configs"
+ % (_signum, _frame))
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+
+ # Initialize dmaap requests session object. Close existing session
+ # if applicable.
+ if tds.http_requ_session is not None:
+ tds.http_requ_session.close()
+
+ tds.http_requ_session = init_session_obj()
+ if tds.http_requ_session == None:
+ msg = "Unable to create new http session - FATAL ERROR, exiting"
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_FATAL, tds.CODE_GENERAL, msg)
+ stdout_logger(msg)
+ cleanup_and_exit(1, tds.pid_file_name)
+
+ # re-request config from config binding service
+ # (either broker, or json file override)
+ if not get_cbs_config():
+ msg = "error (re)loading CBS config - FATAL ERROR, exiting"
+ stdout_logger(msg)
+ cleanup_and_exit(1, tds.pid_file_name)
+
+
+# # # # # # # # # # # # #
+# fx: log_all_arriving_traps
+# # # # # # # # # # # # #
+
+
+def log_all_arriving_traps():
+
+
+ # roll logs as needed/defined in files.roll_frequency
+ if tds.c_config['files.roll_frequency'] == "minute":
+ curr_minute = datetime.datetime.now().minute
+ if curr_minute != tds.last_minute:
+ roll_all_logs()
+ tds.last_minute = curr_minute
+ elif tds.c_config['files.roll_frequency'] == "hour":
+ curr_hour = datetime.datetime.now().hour
+ if curr_hour != tds.last_hour:
+ roll_all_logs()
+ tds.last_hour = curr_hour
+ else:
+ # otherwise, assume daily roll
+ curr_day = datetime.datetime.now().day
+ if curr_day != tds.last_day:
+ roll_all_logs()
+ tds.last_day = curr_day
+
+ # now log latest arriving trap
+ try:
+ # going for:
+ # 1520971776 Tue Mar 13 16:09:36 2018; 1520971776 2018-03-13 16:09:36 DCAE-COLLECTOR-UCSNMP 15209717760049 .1.3.6.1.4.1.2636.4.1.6 gfpmt5pcs10.oss.att.com 135.91.10.139 12.123.1.240 12.123.1.240 2 varbinds: [0] .1.3.6.1.2.1.1.3.0 {10} 1212058366 140 days, 6:49:43.66 [1] .1.3.6.1.6.3.1.1.4.1.0 {6} .1.3.6.1.4.1.2636.4.1.6 [2] .1.3.6.1.4.1.2636.3.1.15.1.1.2.4.0.0 {2} 2 [3] .1.3.6.1.4.1.2636.3.1.15.1.2.2.4.0.0 {2} 4 [4] .1.3.6.1.4.1.2636.3.1.15.1.3.2.4.0.0 {2} 0 [5] .1.3.6.1.4.1.2636.3.1.15.1.4.2.4.0.0 {2} 0 [6] .1.3.6.1.4.1.2636.3.1.15.1.5.2.4.0.0 {4} PEM 3 [7] .1.3.6.1.4.1.2636.3.1.15.1.6.2.4.0.0 {2} 7 [8] .1.3.6.1.4.1.2636.3.1.15.1.7.2.4.0.0 {2} 4 [9] .1.3.6.1.6.3.18.1.3.0 {7} 12.123.1.240
+
+ tds.arriving_traps_fd.write('%s %s; %s %s %s %s %s %s %s %s %s %s %s\n' %
+ (tds.trap_dict["time received"],
+ time.strftime("%a %b %d %H:%M:%S %Y", time.localtime(time.time())),
+ time.strftime("%a %b %d %H:%M:%S %Y", time.localtime(tds.trap_dict["time received"])),
+ tds.trap_dict["trap category"],
+ tds.trap_dict["epoch_serno"],
+ tds.trap_dict["notify OID"],
+ tds.trap_dict["agent name"],
+ tds.trap_dict["agent address"],
+ tds.trap_dict["cambria.partition"],
+ tds.trap_dict["protocol version"],
+ tds.trap_dict["sysUptime"],
+ tds.trap_dict["uuid"],
+ tds.all_vb_json_str))
+
+ except Exception as e:
+ msg = "Error writing to %s : %s - arriving trap %s NOT LOGGED" %(tds.arriving_traps_filename, str(e), tds.trap_dict["uuid"])
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_CRIT, tds.CODE_GENERAL, msg)
+
+
+# # # # # # # # # # # # #
+# fx: log_published_messages
+# # # # # # # # # # # # #
+
+
+def log_published_messages(_post_data_enclosed):
+
+ # FIXME: should keep data dictionary of Fd's open, and reference those vs.
+ # repeatedly opening append-mode
+
+ msg = "adding trap UUID %s to json log" % tds.trap_dict["uuid"]
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_INFO, tds.CODE_GENERAL, msg)
+
+ try:
+ tds.json_traps_fd.write('%s\n' % _post_data_enclosed)
+ msg = "successfully logged json for %s to %s" % (tds.trap_dict["uuid"], tds.json_traps_filename)
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+ except Exception as e:
+ msg = "Error writing to %s : %s - trap %s NOT LOGGED" %(tds.json_traps_filename, str(e), tds.trap_dict["uuid"])
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_CRIT, tds.CODE_GENERAL, msg)
+
+
+# # # # # # # # # # # # #
+# fx: post_dmaap
+# # # # # # # # # # # # #
+
+
+def post_dmaap():
+ """
+ Publish trap daata in json format to dmaap
+ :Parameters:
+ :Exceptions:
+ none
+ :Keywords:
+ http post dmaap json message
+ :Variables:
+ """
+
+ http_headers = {"Content-type": "application/json"}
+
+ if tds.http_requ_session is None:
+ msg = "tds.http_requ_session is None - getting new (%s)" % tds.http_requ_session
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+ tds.http_requ_session = init_session_obj()
+
+ # if only 1 trap, ship as-is
+ if tds.traps_since_last_publish == 1:
+ post_data_enclosed = tds.all_traps_str
+ else:
+ # otherwise, add brackets around package
+ post_data_enclosed = '[' + tds.all_traps_str + ']'
+
+ msg = "post_data_enclosed: %s" % (post_data_enclosed)
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+
+ k = 0
+ dmaap_pub_success = False
+
+ while not dmaap_pub_success and k < (int(tds.c_config['publisher.http_retries'])):
+ try:
+ if tds.c_config['streams_publishes']['sec_fault_unsecure']['aaf_username'] == "" or tds.c_config['streams_publishes']['sec_fault_unsecure']['aaf_username'] == None:
+ msg = "%d trap(s) : %s - attempt %d (unsecure)" % (tds.traps_since_last_publish, tds.trap_uuids_in_buffer, k)
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+ http_resp = tds.http_requ_session.post(tds.c_config['streams_publishes']['sec_fault_unsecure']['dmaap_info']['topic_url'], post_data_enclosed,
+ headers=http_headers,
+ timeout=tds.timeout_seconds)
+ else:
+ msg = "%d trap(s) : %s - attempt %d (secure)" % (tds.traps_since_last_publish, tds.trap_uuids_in_buffer, k)
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+ http_resp = tds.http_requ_session.post(tds.c_config['streams_publishes']['sec_fault_unsecure']['dmaap_info']['topic_url'], post_data_enclosed,
+ auth=(tds.c_config['streams_publishes']['sec_fault_unsecure']['aaf_username'],
+ tds.c_config['streams_publishes']['sec_fault_unsecure']['aaf_password']),
+ headers=http_headers,
+ timeout=tds.timeout_seconds)
+
+ if http_resp.status_code == requests.codes.ok:
+ # msg = "%d trap(s) : %s successfully published - response from %s: %d %s" % (traps_since_last_publish, trap_uuids_in_buffer, ((c_config['streams_publishes']['sec_fault_unsecure']['dmaap_info']['topic_url']).split('/')[2][:-5]) ,http_resp.status_code, http_resp.text)
+ msg = "%d trap(s) successfully published: %s" % (tds.traps_since_last_publish, tds.trap_uuids_in_buffer)
+ ecomp_logger(tds.LOG_TYPE_METRICS, tds.SEV_INFO, tds.CODE_GENERAL, msg)
+ log_published_messages(post_data_enclosed)
+ tds.last_pub_time = time.time()
+ dmaap_pub_success = True
+ break
+ else:
+ msg = "Trap(s) %s publish attempt %d returned non-normal: %d %s" % (tds.trap_uuids_in_buffer, k, http_resp.status_code, http_resp.text)
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_WARN, tds.CODE_GENERAL, msg)
+
+ except OSError as e:
+ msg = "OS exception while attempting to post %s attempt %s: (%s) %s %s" % (tds.trap_uuids_in_buffer, k, e.errno, e.strerror, str(e))
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_WARN, tds.CODE_GENERAL, msg)
+
+ except requests.exceptions.RequestException as e:
+ msg = "Requests exception while attempting to post %s attempt %d: (%d) %s" % (tds.trap_uuids_in_buffer, int(k), int(e.errno), str(e.strerror))
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_WARN, tds.CODE_GENERAL, msg)
+
+ k += 1
+
+ if k < tds.c_config['publisher.http_retries']:
+ msg = "sleeping %.4f seconds and retrying" % (tds.seconds_between_retries)
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+ time.sleep(tds.seconds_between_retries)
+ else:
+ break
+
+ if not dmaap_pub_success:
+ msg = "ALL publish attempts failed for traps %s to URL %s "\
+ % (tds.trap_uuids_in_buffer, tds.c_config['streams_publishes']['sec_fault_unsecure']['dmaap_info']['topic_url'])
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_CRIT, tds.CODE_GENERAL, msg)
+
+ # FIXME: This currently tries, then logs error and trashes buffer if all dmaap attempts fail. Better way?
+ tds.traps_since_last_publish = 0
+ tds.trap_uuids_in_buffer=""
+ tds.all_traps_str = ""
+ tds.first_trap = True
+
+# # # # # # # # # # # # # # # # # # #
+# fx: request_observer for community string rewrite
+# # # # # # # # # # # # # # # # # # #
+def comm_string_rewrite_observer(snmpEngine, execpoint, variables, cbCtx):
+
+ # match ALL community strings
+ if re.match('.*', str(variables['communityName'])):
+ # msg = "Rewriting communityName '%s' from %s into 'public'" % (variables['communityName'], ':'.join([str(x) for x in
+ # variables['transportInformation'][1]]))
+ # ecomp_logger(eelf_debug_fd, eelf_debug_fd, tds.LOG_TYPE_DEBUG, tds.SEV_INFO, tds.CODE_GENERAL, msg)
+ variables['communityName'] = variables['communityName'].clone('public')
+
+# # # # # # # # # # # # # # # # # # #
+# fx: snmp_engine_observer_cb
+# callback for when trap is received
+# # # # # # # # # # # # # # # # # # #
+
+
+def snmp_engine_observer_cb(snmp_engine, execpoint, variables, cbCtx):
+ """
+ Decompose trap attributes and load in dictionary which is later used to
+ create json string for publishing to dmaap.
+ :Parameters:
+ snmp_engine
+ snmp engine created to listen for arriving traps
+ execpoint
+ point in code that snmp_engine_observer_cb was invoked
+ variables
+ trap attributes
+ cbCtx
+ callback context
+ :Exceptions:
+ none
+ :Keywords:
+ UEB non-AAF legacy http post
+ :Variables:
+ """
+
+ # init dictionary on new trap
+ tds.trap_dict = {}
+
+ # assign uuid to trap
+ tds.trap_dict["uuid"] = str(uuid_mod.uuid1())
+
+ # ip and hostname
+ ip_addr_str = str(variables['transportAddress'][0])
+ tds.trap_dict["agent address"] = ip_addr_str
+
+ msg = 'snmp trap arrived from %s, assigned uuid: %s' % \
+ (ip_addr_str, tds.trap_dict["uuid"])
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+
+ try:
+ if int(tds.dns_cache_ip_expires[ip_addr_str] < int(time.time())):
+ raise Exception('cache expired for %s at %d - updating value' %
+ (ip_addr_str, (tds.dns_cache_ip_expires[ip_addr_str])))
+ else:
+ tds.trap_dict["agent name"] = tds.dns_cache_ip_to_name[ip_addr_str]
+ except:
+ msg = "dns cache expired or missing for %s - refreshing" % ip_addr_str
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+ try:
+ agent_fqdn,alias,addresslist = socket.gethostbyaddr(ip_addr_str)
+ except:
+ agent_fqdn = ip_addr_str
+
+ tds.trap_dict["agent name"] = agent_fqdn
+
+ tds.dns_cache_ip_to_name[ip_addr_str] = agent_fqdn
+ tds.dns_cache_ip_expires[ip_addr_str] = (
+ time.time() + tds.c_config['cache.dns_cache_ttl_seconds'])
+ msg = "cache for %s (%s) updated - set to expire at %d" % \
+ (agent_fqdn, ip_addr_str, tds.dns_cache_ip_expires[ip_addr_str])
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+
+ tds.trap_dict["cambria.partition"] = str(tds.trap_dict["agent name"])
+ tds.trap_dict["community"] = "" # do not include cleartext community in pub
+ tds.trap_dict["community len"] = 0
+
+ # FIXME.CHECK_WITH_DOWNSTREAM_CONSUMERS: get rid of round for millisecond val
+ # epoch_second = int(round(time.time()))
+ epoch_msecond = time.time()
+ epoch_second = int(round(epoch_msecond))
+ if epoch_second == tds.last_epoch_second:
+ tds.traps_in_epoch += 1
+ else:
+ tds.traps_in_epoch = 0
+ tds.last_epoch_second = epoch_second
+ traps_in_epoch_04d = format(tds.traps_in_epoch, '04d')
+ tds.trap_dict['epoch_serno'] = int(
+ (str(epoch_second) + str(traps_in_epoch_04d)))
+
+ snmp_version = variables['securityModel']
+ if snmp_version == 1:
+ tds.trap_dict["protocol version"] = "v1"
+ else:
+ if snmp_version == 2:
+ tds.trap_dict["protocol version"] = "v2c"
+ else:
+ if snmp_version == 3:
+ tds.trap_dict["protocol version"] = "v3"
+ else:
+ tds.trap_dict["protocol version"] = "unknown"
+
+ if snmp_version == 3:
+ tds.trap_dict["protocol version"] = "v3"
+ tds.trap_dict["security level"] = str(variables['securityLevel'])
+ tds.trap_dict["context name"] = str(variables['contextName'].prettyPrint())
+ tds.trap_dict["security name"] = str(variables['securityName'])
+ tds.trap_dict["security engine"] = str(
+ variables['contextEngineId'].prettyPrint())
+ tds.trap_dict['time received'] = epoch_msecond
+ tds.trap_dict['trap category'] = (tds.c_config['streams_publishes']['sec_fault_unsecure']['dmaap_info']['topic_url']).split('/')[-1]
+
+
+# # # # # # # # # # # # # # # # # # #
+# fx: request_observer for community string rewrite
+# # # # # # # # # # # # # # # # # # #
+def add_varbind_to_json(vb_idx, vb_oid, vb_type, vb_val):
+ """
+ Called for each varbind, adds individual attributes of varbind instance to
+ vb_json_str. vb_json_str will be added to curr_trap_json_str prior to publish.
+ :Parameters:
+ vb_idx
+ index to specific varbind being processed
+ vb_oid
+ the varbind oid
+ vb_val
+ the value of the varbind
+ :Exceptions:
+ none
+ :Keywords:
+ varbind extract json
+ :Variables:
+ """
+
+ _individual_vb_dict = {}
+
+ if tds.trap_dict["protocol version"] == "v2c":
+ # if v2c and first 2 varbinds, special handling required - e.g. put
+ # in trap_dict, not vb_json_str
+ if vb_idx == 0:
+ tds.trap_dict["sysUptime"] = str(vb_val.prettyPrint())
+ return True
+ else:
+ if vb_idx == 1:
+ tds.trap_dict["notify OID"] = str(vb_val.prettyPrint())
+ tds.trap_dict["notify OID len"] = (
+ tds.trap_dict["notify OID"].count('.') + 1)
+ return True
+ if tds.first_varbind:
+ tds.all_vb_json_str = ', \"varbinds\": ['
+ tds.first_varbind = False
+ else:
+ # all_vb_json_str = ''.join([all_vb_json_str, ' ,'])
+ # all_vb_json_str = "%s ," % all_vb_json_str
+ tds.all_vb_json_str = tds.all_vb_json_str + " ,"
+
+ _individual_vb_dict.clear()
+ _individual_vb_dict['varbind_oid'] = vb_oid.prettyPrint()
+ _individual_vb_dict['varbind_type'] = vb_type
+ _individual_vb_dict['varbind_value'] = vb_val.prettyPrint()
+
+ _individual_vb_json_str = json.dumps(_individual_vb_dict)
+
+ # all_vb_json_str = "%s%s" % (all_vb_json_str, individual_vb_json_str)
+ # all_vb_json_str = ''.join([all_vb_json_str, individual_vb_json_str])
+ tds.all_vb_json_str = tds.all_vb_json_str + _individual_vb_json_str
+ return True
+
+
+# Callback function for receiving notifications
+# noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal
+def notif_receiver_cb(snmp_engine, stateReference, contextEngineId, contextName,
+ varBinds, cbCtx):
+ """
+ Callback executed when trap arrives
+ :Parameters:
+ snmp_engine
+ snmp engine created to listen for arriving traps
+ stateReference
+ contextEngineId
+ contextName
+ varBinds
+ trap varbinds - why we are here
+ cbCtx
+ callback context
+ :Exceptions:
+ none
+ :Keywords:
+ callback trap arrival
+ :Variables:
+ """
+
+ msg = "processing varbinds for %s" % (tds.trap_dict["uuid"])
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+
+ # FIXME update reset location when batching publishes
+ vb_idx = 0
+
+ # For reference:
+ #
+ # print('\nvarBinds ==> %s' % (varBinds))
+ #
+ # varBinds ==> [(ObjectName('1.3.6.1.2.1.1.3.0'), TimeTicks(1243175676)),
+ # (ObjectName('1.3.6.1.6.3.1.1.4.1.0'), ObjectIdentifier('1.3.6.1.4.1.74.2.46.12.1.1')),
+ # (ObjectName('1.3.6.1.4.1.74.2.46.12.1.1.1'), OctetString(b'ucsnmp heartbeat - ignore')),
+ # (ObjectName('1.3.6.1.4.1.74.2.46.12.1.1.2'), OctetString(b'Fri Aug 11 17:46:01 EDT 2017'))]
+ #
+
+ tds.all_vb_json_str = ""
+ vb_idx = 0
+ tds.first_varbind = True
+
+ # iterate over varbinds, add to json struct
+ for vb_oid, vb_val in varBinds:
+ add_varbind_to_json(vb_idx, vb_oid, vb_val.__class__.__name__, vb_val)
+ vb_idx += 1
+
+ # FIXME: DL back out first 2 varbinds for v2c notifs prior to publishing varbind count
+ # trap_dict["varbind count"] = vb_idx
+ curr_trap_json_str = json.dumps(tds.trap_dict)
+ # now have everything except varbinds in "curr_trap_json_str"
+
+ # if varbinds present - which will almost always be the case - add all_vb_json_str to trap_json_message
+ if vb_idx != 0:
+ # close out vb array
+ # all_vb_json_str += "]"
+ # all_vb_json_str = ''.join([all_vb_json_str, ']'])
+ tds.all_vb_json_str = tds.all_vb_json_str + ']'
+
+ # remove last close bracket from curr_trap_json_str
+ curr_trap_json_str = curr_trap_json_str[:-1]
+
+ # add vb_json_str to payload
+ # curr_trap_json_str += all_vb_json_str
+ # curr_trap_json_str = ''.join([curr_trap_json_str, all_vb_json_str])
+ curr_trap_json_str = curr_trap_json_str + tds.all_vb_json_str
+
+ # add last close brace back in
+ # curr_trap_json_str += "}"
+ # curr_trap_json_str = ''.join([curr_trap_json_str, '}'])
+ curr_trap_json_str = curr_trap_json_str + '}'
+
+ msg = "trap %s : %s" % (tds.trap_dict["uuid"], curr_trap_json_str)
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+
+ # now have a complete json message for this trap in "curr_trap_json_str"
+ tds.traps_since_last_publish += 1
+ milliseconds_since_last_publish = (time.time() - tds.last_pub_time) * 1000
+
+ msg = "adding %s to buffer" % (tds.trap_dict["uuid"])
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+ if tds.first_trap:
+ tds.all_traps_str = curr_trap_json_str
+ tds.trap_uuids_in_buffer = tds.trap_dict["uuid"]
+ tds.first_trap = False
+ else:
+ tds.trap_uuids_in_buffer = tds.trap_uuids_in_buffer + ', ' + tds.trap_dict["uuid"]
+ tds.all_traps_str = tds.all_traps_str + ', ' + curr_trap_json_str
+
+ # always log arriving traps
+ log_all_arriving_traps()
+
+ # publish to dmaap after last varbind is processed
+ if tds.traps_since_last_publish >= tds.c_config['publisher.max_traps_between_publishes']:
+ msg = "num traps since last publish (%d) exceeds threshold (%d) - publish traps" % (tds.traps_since_last_publish, tds.c_config['publisher.max_traps_between_publishes'])
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+ post_dmaap()
+ elif milliseconds_since_last_publish >= tds.c_config['publisher.max_milliseconds_between_publishes']:
+ msg = "num milliseconds since last publish (%.0f) exceeds threshold - publish traps"% milliseconds_since_last_publish
+ ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_DETAILED, tds.CODE_GENERAL, msg)
+ post_dmaap()
+
+
+# # # # # # # # # # # # #
+# Main MAIN Main MAIN
+# # # # # # # # # # # # #
+# parse command line args
+parser = argparse.ArgumentParser(description='Post SNMP traps '
+ 'to message bus')
+parser.add_argument('-v', action="store_true", dest="verbose",
+ help="verbose logging")
+parser.add_argument('-?', action="store_true", dest="usage_requested",
+ help="show command line use")
+
+# parse args
+args = parser.parse_args()
+
+# set vars from args
+verbose = args.verbose
+usage_requested = args.usage_requested
+
+# if usage, just display and exit
+if usage_requested:
+ usage_err()
+
+# init vars
+tds.init()
+
+# Set initial startup hour for rolling logfile
+tds.last_hour = datetime.datetime.now().hour
+
+# get config binding service (CBS) values (either broker, or json file override)
+load_all_configs(0,0)
+msg = "%s : %s version %s starting" % (prog_name, tds.c_config['snmptrap.title'], tds.c_config['snmptrap.version'])
+stdout_logger(msg)
+
+# Avoid this unless needed for testing; it prints sensitive data to log
+#
+# msg = "Running config: "
+# stdout_logger(msg)
+# msg = json.dumps(c_config, sort_keys=False, indent=4)
+# stdout_logger(msg)
+
+# open various ecomp logs
+open_eelf_logs()
+
+# bump up logging level if overridden at command line
+if verbose:
+ msg = "WARNING: '-v' argument present. All messages will be logged. This can slow things down, use only when needed."
+ tds.minimum_severity_to_log=0
+ stdout_logger(msg)
+
+# name and open arriving trap log
+tds.arriving_traps_filename = tds.c_config['files.runtime_base_dir'] + "/" + tds.c_config['files.log_dir'] + "/" + (tds.c_config['files.arriving_traps_log'])
+tds.arriving_traps_fd = open_file(tds.arriving_traps_filename)
+msg = ("arriving traps logged to: %s" % tds.arriving_traps_filename)
+stdout_logger(msg)
+ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_INFO, tds.CODE_GENERAL, msg)
+
+# name and open json trap log
+tds.json_traps_filename = tds.c_config['files.runtime_base_dir'] + "/" + tds.c_config['files.log_dir'] + "/" + "DMAAP_" + (tds.c_config['streams_publishes']['sec_fault_unsecure']['dmaap_info']['topic_url'].split('/')[-1]) + ".json"
+tds.json_traps_fd = open_file(tds.json_traps_filename)
+msg = ("published traps logged to: %s" % tds.json_traps_filename)
+stdout_logger(msg)
+ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_INFO, tds.CODE_GENERAL, msg)
+
+# setup signal handling for config reload
+signal.signal(signal.SIGUSR1, load_all_configs)
+
+# save current PID for future/external reference
+tds.pid_file_name = tds.c_config['files.runtime_base_dir'] + \
+ '/' + tds.c_config['files.pid_dir'] + '/' + prog_name + ".pid"
+msg = "Runtime PID file: %s" % tds.pid_file_name
+ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_INFO, tds.CODE_GENERAL, msg)
+rc = save_pid(tds.pid_file_name)
+
+# Get the event loop for this thread
+loop = asyncio.get_event_loop()
+
+# Create SNMP engine with autogenernated engineID pre-bound
+# to socket transport dispatcher
+snmp_engine = engine.SnmpEngine()
+
+# # # # # # # # # # # #
+# Transport setup
+# # # # # # # # # # # #
+
+# UDP over IPv4
+# FIXME: add check for presense of ipv4_interface prior to attempting add OR just put entire thing in try/except clause
+try:
+ ipv4_interface = tds.c_config['protocols.ipv4_interface']
+ ipv4_port = tds.c_config['protocols.ipv4_port']
+
+ try:
+ config.addTransport(
+ snmp_engine,
+ udp.domainName + (1,),
+ udp.UdpTransport().openServerMode(
+ (ipv4_interface, ipv4_port))
+ )
+ except Exception as e:
+ msg = "Unable to bind to %s:%s - %s" % (ipv4_interface, ipv4_port, str(e))
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_FATAL, tds.CODE_GENERAL, msg)
+ stdout_logger(msg)
+ cleanup_and_exit(1, tds.pid_file_name)
+
+except Exception as e:
+ msg = "IPv4 interface and/or port not specified in config - not listening for IPv4 traps"
+ stdout_logger(msg)
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_WARN, tds.CODE_GENERAL, msg)
+
+
+# UDP over IPv4, second listening interface/port example if you don't want to listen on all
+# config.addTransport(
+# snmp_engine,
+# udp.domainName + (2,),
+# udp.UdpTransport().openServerMode(('127.0.0.1', 2162))
+# )
+
+
+# UDP over IPv6
+# FIXME: add check for presense of ipv6_interface prior to attempting add OR just put entire thing in try/except clause
+try:
+ ipv6_interface = tds.c_config['protocols.ipv6_interface']
+ ipv6_port = tds.c_config['protocols.ipv6_port']
+
+ try:
+ config.addTransport(
+ snmp_engine,
+ udp6.domainName,
+ udp6.Udp6Transport().openServerMode(
+ (ipv6_interface, ipv6_port))
+ )
+ except Exception as e:
+ msg = "Unable to bind to %s:%s - %s" % (ipv6_interface,ipv6_port, str(e))
+ stdout_logger(msg)
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_FATAL, tds.CODE_GENERAL, msg)
+ cleanup_and_exit(1, tds.pid_file_name)
+
+except Exception as e:
+ msg = "IPv6 interface and/or port not specified in config - not listening for IPv6 traps"
+ stdout_logger(msg)
+ ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_WARN, tds.CODE_GENERAL, msg)
+
+
+# # # # # # # # # # # #
+# SNMPv1/2c setup
+# # # # # # # # # # # #
+
+# SecurityName <-> CommunityName mapping
+# to restrict trap reception to only those with specific community
+# strings
+config.addV1System(snmp_engine, 'my-area', 'public')
+
+# register comm_string_rewrite_observer for message arrival
+snmp_engine.observer.registerObserver(
+ comm_string_rewrite_observer,
+ 'rfc2576.processIncomingMsg:writable'
+)
+
+# register snmp_engine_observer_cb for message arrival
+snmp_engine.observer.registerObserver(
+ snmp_engine_observer_cb,
+ 'rfc3412.receiveMessage:request',
+ 'rfc3412.returnResponsePdu',
+)
+
+# Register SNMP Application at the SNMP engine
+ntfrcv.NotificationReceiver(snmp_engine, notif_receiver_cb)
+
+snmp_engine.transportDispatcher.jobStarted(1) # loop forever
+
+# Run I/O dispatcher which will receive traps
+try:
+ snmp_engine.transportDispatcher.runDispatcher()
+except:
+ snmp_engine.observer.unregisterObserver()
+ snmp_engine.transportDispatcher.closeDispatcher()
+ cleanup_and_exit(1, tds.pid_file_name)